Share this story

Further Reading

We now live in a world where if you have an IP-enabled security camera, you can download some free, open-source software from GitHub and boom—you have a fully functional automated license plate reader (ALPR, or LPR).

Welcome to the sousveillance state: the technology that was once was just the purview of government contractors a few years ago could now be on your own street soon.

For years now, specialized LPR cameras have been used mounted in fixed locations or on police cars. These devices scan passing license plates using optical character recognition technology, checking each plate against a "hot list" of stolen or wanted vehicles. The devices can read up to 60 plates per second and typically record the date, time, and GPS location of any plates—hot or not.

With this new open-source software, anyone can freely and easily create their own hot list.

Further Reading

For the last six months, the two-man team behind OpenALPR has built this software and given it away for free, largely as a way to draw attention to their other paid services: a cloud-based $50 per camera per month solution that includes "high-speed processing" and "priority tech support." The company also offers a $1,000 per camera per month "on-premises" version that integrates with an existing (usually government) network that has qualms about outsourcing data storage.

OpenALPR notes its software "will work with any camera that supports MJPEG streams. This includes visible-light and infrared cameras. The camera and optics should be configured such that the license plates are clearly legible in the video stream."

Matt Hill, OpenALPR’s founder, told Ars that this is a good way to level the playing field and mitigate the need for long-term retention.

"I’m a big privacy advocate as well—now you’ve got LPR just in the hands of the government, which isn’t a good thing. This brings costs down," he said.

On the government side, there have been incidents where police-owned LPR misread and led to dangerous confrontations. Some cities have mounted such cameras at their city borders, monitoring who comes in and out (case in point: the wealthy city of Piedmont, California, which is totally surrounded by Oakland). And again, the data associated with LPRs (plate, date, time, location) is often retained for months or years.

Fully legal

Further Reading

As the nation’s largest LPR private data collection company—Vigilant Solutions—has argued, automatically collecting license plates in public is fully within the bounds of the law. After all, drivers do not have a reasonable expectation of privacy over their publicly-visible plate number while driving down public roads.

As a result, privacy advocates say, there’s not much to stop someone who wanted to use OpenALPR and compile their own hot list for cars passing in front of their home. An enterprising person could even use a car-mounted camera and create a mobile plate hunting device along the lines of what many police agencies already use.

Jennifer Lynch, an attorney with the Electronic Frontier Foundation, told Ars that she had never heard of something like this.

"While a handful of states have passed laws explicitly restricting private citizens and companies from using ALPR technology, outside of those states, there is not much in the law that would prevent someone from using the technology unless its use rises to the level of stalking or harassment," she e-mailed Ars. "License plates are exposed to public view, and ALPR companies like Vigilant consistently argue they have a First Amendment right to photograph plates and retain the data they collect."

Mike Katz-Lacabe, a San Leandro, Calif.-based privacy activist, concurred. His local police department captured a photo of him and his daughters in their own driveway in 2009.

"Law enforcement has always argued that this technology does not violate privacy because you have no reasonable expectation of privacy in a public place," he e-mailed. "If someone takes an open source ALPR in a car and parks it outside the local police department, local sheriff’s office, etc., will they keep putting forward that same argument? What if that information, complete with photos of the driver and vehicle, are posted on a public web site?"

Hill added that while his young company isn’t getting immediately rich, having only brought in less than $500,000 in revenue so far, he’s gotten a lot of interest from small business that are interested in perimeter security.

"Right now the big government agencies, they spend so much on these cameras that they want to catch the bad guys, but they want to get a ton of value out of them," he said. "Now they have a list of 100 bad guys, and they find one, and then I think everybody likes that—they think that we want to save this data. That’s kind of dangerous. Whereas if the price of these cameras was 10 times cheaper, that need [for long-term retention] isn’t there. I think you don’t even need retention if you have adequate coverage. I think people are concerned about the data being only exclusive to government. Having the LPRs in the hands of private individuals is not a bad thing."

Share this story

Cyrus Farivar
Cyrus is a Senior Tech Policy Reporter at Ars Technica, and is also a radio producer and author. His latest book, Habeas Data, about the legal cases over the last 50 years that have had an outsized impact on surveillance and privacy law in America, is out now from Melville House. He is based in Oakland, California. Emailcyrus.farivar@arstechnica.com//Twitter@cfarivar